I took a quick look at the atomicwallet.AppImage.
As expected, it’s just an Electron app (it has an embedded Chromium browser + NodeJS) so it’s probably reaching out to HTTPS endpoints at atomicwallet’s web site.
This means not connect the VM to a NetVM, and then exec the AppImage with a --proxy-server http://127.0.0.1:8888 argument, and then follow the guide @Rooftop made @ Restricting a Qube to selected websites.
Also, if it matters to you, that AppImage does not embed a signature (--appimage-signature), nor does their website provide provide any signatures in the download location. sha256 hashes are provided, but the site is also behind CloudFlare.